Institute of Chartered Accountants in England and Wales

24 December 2002


J G Katz Esq
U.S. Securities & Exchange Commission
450 Fifth Street NW
Washington DC
20549 -0609

Dear Mr Katz

File S7-49-02
Strengthening The Commission's Requirements Regarding Auditor Independence:

We are writing to comment on your proposed rules issued and explained under the above title, and published in the U.S. Federal Register on 13 December 2002.

The Institute of Chartered Accountants in England and Wales has been instrumental in enhancing the quality of financial reporting and oversight thereof in the United Kingdom for many years. We set out an overview of the key steps in the last decade in this ongoing process, in Appendix A.

The Institute is also responsible, under authority delegated from the UK government, for oversight of several thousand audit firms, including those responsible for auditing almost all listed companies with additional listings on US stock markets, and UK subsidiaries of US listed companies. We therefore have a direct interest in your rules, as well as a general concern for the enhancement of global confidence in auditing through international convergence of standards.

We have been pleased to be included in discussions with SEC officials in the past, on the subject of auditor independence. You will be aware from those discussions, and from written submissions (for example our letter of 5 September 2000, file reference S7-13-00), that we are a firm advocate of a principles-based threats and safeguards approach to independence. Built within a framework of education, monitoring and enforcement, we believe that this approach offers significant advantages over a detailed rules based approach, as do such bodies as the European Commission and the International Federation of Accountants, whose code is mentioned favourably in the IOSCO paper 'Principles of Auditor Independence'. The events of the last year or so have, if anything, reinforced this view. However, we do not propose to repeat the detailed arguments here, but to address the specific changes you propose to introduce to implement your interpretation of the requirements of the Sarbanes Oxley Act ('SOA').

We have two key issues with the proposed rules which we consider in further detail in the rest of this letter:

  • the inflexibility of the `in or out' approach to provision of non-audit services, which imposes unnecessary restrictions where safeguards are available, while potentially missing services which could result in significant threats to independence ; and

  • the adverse effect on the quality of audit, especially of specialised industries, as a result of the extent of partners in the world-wide engagement team who will be required to rotate after five years.

As regards the provision by audit firms of non-audit services ('NAS') to their audit clients, you have gone to great lengths in your discussion to make it clear that the intention behind the SOA was to implement three basic principles: an auditor cannot (1) audit his or her own work; (2) perform management functions; or (3) act as an advocate for the client. You have then explained, in your analysis of the proposed changes, that compliance with these principles is the driving force behind your interpretation of the SOA's detailed requirements in this area. We strongly endorse this line of thought, and indeed, the conclusions in much of the analysis. However, we have significant concerns that the intention behind the analysis has not been carried through into the actual proposed rule changes themselves, with the result that Audit Committees are being unnecessarily prohibited from being able to make appropriate decisions, where safeguards are available to ensure there is no significant threat to independence.

We are also particularly concerned about the impact of the, in our view unnecessarily wide scope of partners to whom the proposed rotation rule applies. This requires rotation even of partners responsible for small insignificant subsidiaries and will have a significant impact in a number of areas, including specialised industries in all but the most developed economies.

General points

Our comments on the detailed changes are set out below. In summary most of them derive from a small number of general points that lead us to propose amendments to the proposed rules:

    1) The three principles underlying the requirements on the provision of NAS are nowhere to be seen in the proposed rules. We believe this misses an opportunity to make the rules watertight, and inclusion would offer a number of advantages:

    • it would catch services not specifically mentioned that nevertheless breach the fundamental requirements. Indeed, it may assist Audit Committees in their deliberations on approval of permitted NAS;

    • it would automatically provide appropriate answers to many of the detailed interpretational questions you pose when considering whether the rules should be elaborated further;

    • it would recognise that the degree of threat to independence is a continuum: the provision of particular services does not neatly fall into the two categories of `no threat' or `unacceptable, unmitigatable threat'. In practice, the degree of threat to independence will vary from circumstance to circumstance.

    • all regulation has a cost, whether direct or through the introduction of inefficiencies into the market. A key aim of independence regulation must be that companies should not unnecessarily be constrained from selecting whomever is best placed to carry out work for them. By linking the list of prohibitions to the principles (which you state as an aim,) it would permit Audit Committees to approve specific work that might currently be construed as being within the scope of the prohibited services, where that work actually does not breach the fundamental requirements. An important example of this is tax-planning services, where we believe alternative safeguards are available. This is referred to in more detail below.

    2) There seems to be little acknowledgement of the concept of materiality: if a matter is insignificant to all parties there can be no unacceptable compromise to independence by definition.

    We also believe it unnecessary for your proposed rules to impact upon individuals in audit firms who cannot be in a position to exercise significant influence on the opinion, either through detailed oversight by others, or because of the immateriality of what they are doing to the listed entity's group accounts. This is considered further below.

    We consider that all of the requirements should be subject to an assessment of whether a reasonable investor, fully informed of the circumstances, would consider that there was any likelihood that the issue could have any influence on the audit team's judgement.

    3) The rules appear to take a very broad view of what comprises an auditor's `own work'. If an auditor is performing work for a client which is mechanical in nature, does not involve any significant degree of subjectivity and for which the client takes the decisions, we would argue that this does not comprise the auditors 'own work' for these purposes. We believe that your proposed rules should clarify that such operations could safely be carried out, subject to specific safeguards to ensure compliance with the general NAS principles. This is addressed in more detail below.

    4) You ask in a number of places whether exemption should be given, presumably under Section 201(b) of the SOA, for smaller providers of audit services to their audit lists. In terms of the underlying purpose of auditor independence, it is difficult to argue for exemptions for audit firms or client businesses, based purely on size. Our own guidance distinguishes only between the audit of public interest entities, where the perception of threats to independence carries greater weight, and others. As all entities over which the SEC has jurisdiction would be treated as public interest entities, there would seem to be no basis for a distinction, in your independence rules. This does not mean that smaller listed entities would not be adversely affected, for the reasons you describe. This highlights the importance of imposing restrictions only where absolutely necessary to safeguard against an unacceptable compromise to independence.

    5) Again, you ask in a number of places about the impact of withdrawing certain exemptions relating to foreign companies and whether such exemptions should be restored, under section 106(c) of the SOA. We and others have commented before on the extraterritoriality aspects of the SOA and on the unintended results that follow from the application of rules designed for one legal and cultural environment to another. We note that the General Assembly of the Fédération des Experts Comptables Européens has passed a resolution urging the SEC to defer introducing any new rules for foreign issuers and their auditors until there has been a period for proper consultation and consideration. We believe there are grounds for exemptions in some circumstances, where the foreign auditors are required to follow an independence code that complies as a minimum with a recognised international code, such as those promulgated by IFAC and the European Commission and where compliance with that code is monitored and enforced by an external authority.

Detailed points

Our comments on detailed aspects of the proposed rule changes are set out below.

Conflicts of Interest Resulting from Employment Relationships

We have recently introduced a requirement in our own independence guidance, based on the EC Recommendation1 for a two year cooling-off period for key audit partners on the engagement, i.e. those partners in a position to influence the group audit opinion. We do not believe that it is necessary to introduce this requirement in respect of other staff, given the reduced scope for influence, so other safeguards are required in respect of other audit engagement personnel who join the client. We recognise, that your scope for change in this respect is limited by the requirements of the SOA, though there may be issues with legislation on employment restrictions, in the European Union.

Although the cooling off period in our guidance is longer than that you propose, we are not advocating an extension of the one-year period, given the wider scope within the audit firm of your proposed rule.

We note that you have asked whether the appropriate officers at the company are covered by the proposal. As your definition of Financial Reporting Oversight Role is, effectively, a principles -based definition (those who can exercise influence) rather than a detailed list, it should by definition cover all appropriate officers in all circumstances.

NAS: General

Our general concerns about the application of the rule as proposed are covered in the general points above. You ask whether there are other non-audit services that raise independence concerns. For the reasons noted in the general points, we believe it would be economically costly and unnecessary to extend further the list of specified NAS which are prohibited to audit clients regardless of the circumstances. By including the three NAS principles you refer to in the rule, this would obviate the need for such further lists, while ensuring that loopholes cannot be exploited

As regards the general NAS principles, we have commented above that we believe that the definition of 'own work' implied from the proposed rule is too wide for these purposes. It should relate to matters where there is a significant threat to independence, i.e. where there is subjective decision making by the auditor, when undertaking that work.

NAS: Bookkeeping, etc

It follows from our general comments above, that we believe the definition of services prohibited is too wide. The provision of 'mechanical' bookkeeping services, where the decisions are made by the client and the responsibility remains the client's, does not comprise 'own work' or management decision making by the auditor. We accept that there is a perception issue and therefore in our own guidance, such work is prohibited for public interest entities, but permitted for immaterial subsidiaries thereof provided it is of a routine clerical nature or a natural by-product of the audit process - i.e. is of a 'technical, mechanical or informative nature'.

We are concerned that the phrase `preparing statutory statements which form the basis of US GAAP statements' could be interpreted more widely than we hope is intended. In the UK, all companies have to prepare and file statutory accounts, even if subsidiaries of other companies, and it is common practice for the auditors to prepare the accounts, based on the clients own audited financial information. Usually, in the case of subsidiaries, the group consolidated statements will be prepared from an audited 'consolidation pack' or similar. We assume that in such cases, preparation of separate local statutory accounts would rightly not fall within the scope of your rule and it would be helpful if this were to be clarified.

NAS: Financial Information Systems Design & Implementation

Our guidance, in common with that in the EC Recommendation, requires that audit firms may only provide such services to their audit clients when certain specified safeguards are implemented. In substance, these safeguards 2 seek to ensure that management take all the decisions and that the auditors are therefore not going to have to review the consequences of their own decision. It follows that whether or not the auditor's independence is impaired when selecting or testing, for example, software and hardware will depend on the circumstances. If the auditor is testing standard packages and reporting those results to management for decisions, without recommendation, we cannot see that any of the three NAS principles would be breached.

You raise the issue of interpretation of 'significance' in the context of statements. As noted in our general points, we believe the concept of significance or materiality is important when considering impairment of independence. In this particular context the issue is one of auditing own work in giving an opinion on the financial statement. Accordingly, 'significant' would have to be interpreted in terms of the impact of the information generated, on the picture given by those statements. If an error in that information resulted in no significant impact on the financial statements, the threat from auditing own work cannot be material by definition, and the relevant system should not materially be considered as within the rule's scope.

NAS: Valuation and Actuarial Services

We note the inclusion of the `reasonable likelihood that the results will be subject to audit procedures' clause in the proposed rule. This is welcome as it will, rightly, exclude work that is insignificant to the statements being audited (see comments on immediately preceding item).

We have a significant concern that, as with other NAS prohibitions, the notion of what an auditor's 'own work is', has been interpreted too widely for these purposes. Our own guidance prohibits valuation services where the service relates to the valuation of amounts that are directly material to the financial statements being audited, and where the valuation involves a significant degree of subjectivity. Materiality could be construed as being addressed by your rule, if it is assumed that immaterial items would be unlikely to be subject to audit procedures. However, this depends on the interpretation placed by whomever is to be the judge of that wording. What your rule certainly does not allow for is a distinction between work involving subjective judgement, where the threat to independence from self-review is great, and work where there is no scope for judgement (for example performing pre-determined calculations from client-generated data) where the threat is insignificant. Many 'valuations' typically performed by auditors in this country would fall into this latter category. For example, UK tax law requires a fairness opinion in relation to changes in a share option scheme on completion of a rights issue, although the formula set out in the scheme documentation rarely gives any scope for judgement in this opinion. Clarification that such services were not covered by the rule provided that they complied with the three NAS principles or were immaterial, would ease the problem of conflict between the SEC's rules and those of many European countries.

Similar considerations apply to the provision of actuarial services: there may be circumstances where the prospective service has an immaterial impact on the audited financial statements or where there is no significant judgement in the process. In such circumstances the threat to independence is insignificant and absolute prohibition is unnecessary to achieve the end result.

We are pleased to note your assurance in the discussion, that the proposed rule does not prevent review by the auditors of client or third party valuations, as this is by no means clear from the wording of the proposed rule itself.

We address the issue of tax-related valuations further below, under the heading of 'NAS: Tax Services'.

NAS: Internal Audit Outsourcing

The principles behind your existing 'small company' and '40%' exemptions were hard to justify and the removal of those exemptions is logical. However, that is not to minimise the impact of this proposal, especially on small businesses, where one service provider is more common, of the more sweeping prohibition you now propose to impose. This is especially so given the current, and proper, focus on corporate governance, in which internal audit should play a significant part.

You ask a series of questions about possible limitations to the scope of the prohibition. We (in line with the guidance in the EC Recommendation) have resolved these issues with the underlying principles by including requirements similar to those for Financial Information Systems Design (q.v.). That is, the work can only be carried out with specific safeguards3 designed to ensure that management retain responsibility for the internal audit function, including all the decision making. This ensures that the auditor does not get involved in subjective issues and that the threat from self-review is therefore insignificant. At the same time, it allows the auditor to perform such work where the client considers it most appropriate, and indeed may assist the auditor in getting extra knowledge that would be useful for statutory audit purposes. The introduction of such requirements might ease the problems likely to be encountered by smaller businesses.

NAS: Management Functions

We wholly concur with requirements that auditors should not be involved in management decision-making functions. The actual and perceived threats to independence from such roles are too great to envisage safeguards other than prohibition.

You refer to the new requirement for management of SEC - registered clients to produce a statement on the effectiveness of internal financial controls and the audit firm to produce an attestation statement thereon. We consider that there may be a perceived conflict of interest in this area if the external auditor is engaged in the internal audit process. This is because, in forming their assessment, management is likely to have regard to the internal audit assessment of the internal controls. We are of the view that it is unlikely that adequate safeguards can be developed and thus the external audit firm should not participate in internal audit in these circumstances. We are considering introducing additional comment into our own guidance clarifying this.

NAS: Legal Services & Expert Services

We agree with the general requirement that an auditor should not provide advocacy services to an audit client in relation to matters relevant to the statements being audited. While it is likely that the legal services your rule covers will involve an advocacy role, it does not automatically follow. In fact, the likelihood of this will vary from country to country as national legislation differs on legal practice. We believe your proposed rule should clarify that the prohibition relates to services which involve an advocacy role and relate to matters material to the accounts. For services which do not involve these characteristics, we do not see that the key principles are breached.

Similar considerations apply to expert services.

A further issue arises in respect of the latter. In the specific case of certain legal expert witness services, the law in the UK requires experts to address their report to the Court and sets out their overriding duty to the Court rather than the client. We believe such work is acceptable, provided safeguards are in place to ensure that any potential threats to the key principles are addressed. We assume that as your proposed rule refers to `opinions for an audit client', that such work for the Court would not be prohibited and we would suggest that it be made clear that such work is permitted.

NAS: Tax Services

We note that you state `nothing in these proposed rules is intended to prohibit an accounting firm from providing tax services to its audit clients...' Indeed you go on to note Congressional intent that traditional tax preparation services should not be regarded as impairing independence. However, you suggest that auditor independence might be impaired `by the formulation of tax strategies (e.g. tax shelters) designed to minimise a company's tax obligations'. This is followed up with requests for comment on whether auditor independence is so impaired, whether there are tax services that should be prohibited and whether it is meaningful to categorise tax services into permitted and disallowed activities.

The provision of such tax services, like any other form of NAS to audit clients, must comply with the key principles for provision of NAS while maintaining independence. However:

    (a) we do not believe that the management function principle is infringed provided the client takes all the key decisions;

    (b) the advocacy principle would only be a threat if the audit firm were negotiating with, say, the tax authorities about a significant amount, the determination of which involves a high degree of subjectivity. In such circumstances the threat would be removed if any accounting treatment issue inherent were cleared with the engagement team first;

    (c) the final and key principle here is that of not auditing own work. As referred to above, we believe that the threat to independence is significant only where such work is material to the financial statements being audited and involves subjective judgement. This will often not be the case as computations are ultimately subject to review by the IRS and must comply with their rules. We recognise that, in exceptional circumstances, uncertainty over the quantum of tax liability may have a material impact on a company's accounts. In these circumstances, an acceptable safeguard would require that the auditor should rely on a third party (probably that of a tax lawyer) opinion rather then the advice of the audit firm's tax department.

Thus, there are effective safeguards which permit the provision of tax advice by an audit firm to its audit client, without unacceptably compromising independence.

If the proposed, and as noted above, in our view unnecessary, rule on tax services contains absolute prohibitions on types of advice which may be offered, the inevitable consequence is that business will not be able to use their auditors for full and unfettered tax advice. It follows that the benefits of a multi service accountancy firm could be lost, poorer quality tax advice may result and, with taxation often being the principal non-audit service offered, it seems very likely that this would cause firms to fragment, ultimately ending up as `audit only' firms. As has been discussed elsewhere, whilst perhaps superficially attractive this would undoubtedly seriously damage the quality of the people recruited to carry out the audit and thus, the quality of the audit itself.

In addition, to require tax services to be provided by a different firm will undoubtedly lead to significant increases in client costs as audit findings and tax computation tend to be closely interlinked.

Partner Rotation

The concept of partner rotation is fully accepted and has been a requirement in the UK for listed and other public interest clients for many years. Similarly, the five-year period for the lead engagement partner is both accepted and is included in our current guidance. However, we are very concerned about the extent to which the requirement has been extended beyond that of the SOA.

Our own requirements, in common with those in the EC Recommendation, relate to key audit partners - i.e. those in a position to influence the group opinion. This covers all those partners where there can be a significant threat from familiarity, but does not unnecessarily require rotation of other partners, where alternative safeguards can be applied such as an independent partner review of the planning and key issues.

As a result of your proposed revision of the rotation requirements, all partners in the whole engagement team will be required to rotate every five years. This extension to cover those in remote subsidiaries is unnecessary in terms of the independence threat posed and impractical in locations where:

    a) the audit client is in a specialised industry and there are few specialist partners available; and

    b) the audit firm has a relatively small office (in practice, this will be the case in all but the most developed economies and in some regions even in those).

SEC registrant companies include many large multinational companies with complex and diverse businesses. Auditing such a company requires a deep understanding of the business, its systems, controls and people. This knowledge cannot be acquired instantaneously; a period of two or three years learning about the business is the normal requirement before a partner would be permitted to become the lead audit engagement partner. With a five-year rotation period, there simply will not be time for this learning process, with the result that audit quality will be threatened.

In introducing the five-year rotation period for public interest clients in the UK, government ministers have accepted that for partners other than the lead audit engagement partner, the period should remain at seven years. We believe it is essential that the proposed rules be amended to accommodate this if we are to avoid a reduction in the quality of auditing of many of the largest companies. You recognise that the proposed rule goes way beyond the requirements in the SOA; amended rules on the lines we propose would be entirely consistent with the Act.

We also note that technical consultation partners would appear to be included within the definition of those required to rotate. Consistency of knowledge and viewpoint is particularly important in this role, usually fulfilled by a limited number of experts, and compulsory rotation could cause severe practical problems, again leading to reduced audit quality

We agree that it is not necessary to extend compulsory rotation beyond partner level, though audit firms should recognise that a familiarity threat exists for all senior audit staff. We believe it is sufficient to require alternative safeguards (internal or external review, impact of partner rotation, etc).

There may be audit firms that audit listed entities in the US, which are of such a small size that partner rotation is not practicable. This tends not to be the case in the UK, but small audit firms do audit other forms of public interest entity. Accordingly, we do permit alternative safeguards (internal review plus at least annual external consultation) in such circumstances.

Audit Committee Administration

The proposed rule on pre-approval of NAS seems practicable and is in line with the current, and correct, emphasis on the role of Audit Committee. The corporate governance code in the UK is under review and we have suggested that Audit Committees be responsible for approval of policy and contracts re NAS.

We agree with the inclusion of a de minimus threshold: by definition immaterial items do not result in a significant threat to independence. We also believe that specific exemptions for foreign filers are unnecessary in this particular circumstance, provided proposed rule 210.2-01(c)(7) (ii)(B) is retained, allowing pre-approval policies and procedures to be set up. In a large and / or multi-national organisation, pre- approval of every individual service would be totally impracticable. Provided the policies and procedures are sensibly drawn-up, this should not impair independence safeguards.


One of the core threats to independence is that of self-interest, which necessarily requires a firm/office/partner not be unduly dependent on any one audit client.

The principle underlying your proposed rule that audit partners should not be directly financially rewarded for promoting or performing NAS for their audit clients, follows from this.

Assuming that the interpretation placed on the proposed rule is to prevent rewards for such services disproportionate to profit share, we concur with the proposed rule. However, the rule could be interpreted as prohibiting any form of profit share, as profits will generally increase on provision of NAS. Ultimately, all partners income depends on profits. If that wider interpretation were applied, particularly in medium/smaller practices, where income is often a straight percentage of overall profit, most of those partnerships would be disallowed from providing audit services. We believe that it would be useful to elaborate that the intention is to prohibit compensation arrangements that include elements directly benefiting from the performance or provision of NAS to audit clients.

Communication with Audit Committees

UK auditing standards already require communication of key issues to the Audit Committees of listed entities and we endorse the general thrust of your proposed rule. There are, however, a couple of practical points:

  • Your analysis notes that you expect discussion of why estimates on policies are not critical. To require a discussion of why something is not important is to invite a lengthy and open-ended document covering all sorts of irrelevant issues. We believe this would distract from proper consideration of the important points.

  • You advocate that 'other material written communications' be completed before the audit report is filed with the Commission. Again, we are concerned that unimportant details will swamp key issues. For example, a management letter is clearly a material written communication, but the full management letter for a large group might be very lengthy. Within that would be a limited number of items that the Audit Committee need to know before endorsing the financial statements. It is that level of information, and only that level of information, that Audit Committees should need to receive prior to sign off, to allow proper consideration of the key issues.

Disclosure: Principal Accountants Fees

UK company law has required disclosure of fees paid to the auditors for NAS for some years. We have advocated analysis of such fees and endorse the outline of your proposed rule. We see, however, little point in the disclosure of the percentage of fees pre-approved, given your proposed rule in that area. The requirement seems to cast doubt on the legitimacy of the arrangements to render the service 'pursuant to pre-approval policies and procedures': either this is an acceptable alternative to detailed pre-approval (as we believe it to be - see above) or it is not.

Transition Period

We have explained above our serious concern about the potential impact on audit quality of the broad basis of the proposed rule on partner rotation. To the extent that, representation notwithstanding, the final rule in this area goes beyond the provisions of the SOA, it is vital that a sensible transitional period is allowed for full implementation of the rule: perhaps two to three years in order to allow current succession planning to work through and permit an orderly retention of cumulative audit knowledge.

We will be pleased to discuss any of these issues with you.

Yours sincerely

Peter Wyman
President, Institute of Chartered Accountants in England & Wales
+44 207 920 8473

Appendix A

Institute actions to enhance the quality of financial reporting

Following a number of large corporate failures in the United Kingdom in the recession of the early 1990s, it became apparent that action needed to be taken on a number of fronts to ensure the right basic foundations were in place for a financial reporting system: a sound accountancy framework, firm audit enforcement and proper corporate governance:

  1. This Institute took the lead in developing the Cadbury, Greenbury and Hampel codes of corporate governance that are now enshrined in the Listing Rules as the Combined Code. We have considered this in more detail in a letter to you on 29 November, relating to the disclosure required by Sections 404, 406 and 407 of the SOA.

  2. The ICAEW was instrumental in setting up a number of organisations to enhance financial reporting:

      (a) The Accounting Standards Board undertook a very successful clean up act in respect of financial reporting to ensure full and fair accounting and disclosure. Their intention has very much been to ensure that financial statements reflect the substance of transactions, rather than their legal form and that there is transparent disclosure of unusual transactions.

      (b) The Financial Reporting Review Panel considers complaints that the accounts of public and large private companies fail to comply with the accounting requirements of the Companies Act and UK accounting standards. The Panel has the power to order restatements and will, if appropriate, refer audit firms to the Institute for investigation.

      (c) The Auditing Standards Board strengthened Auditing Standards, which again are essentially based around principles, with additional guidance, have been to focus heavily on planning and consideration of risk. Amongst other things, they support the independence guidance by requiring that independence be considered for each audit engagement, documented, and discussed with the Audit Committee.

  3. On the monitoring side, we eschewed the peer review process in 1991 for audit quality control in favour of independent inspectors, employed by the Institute. The Joint Monitoring Unit visits all large audit firms registered with us every year and other firms based on a risk-assessment.

  4. The profession itself, in consultation with the government set up the Accountancy Foundation and its subsidiary boards. This is an independent operation tasked with ensuring we, as regulators, operate in the public interest.

  5. Finally, but most pertinently to this submission, our auditor independence code was revised in 1996 so as to be based on an underlying framework of principles, with additional guidance on threats and safeguards. The purpose of this has been to ensure that adherence to the fundamental principles of integrity and objectivity cannot be circumvented by legalistic interpretation of detailed rules. This basis has been adopted by the International Federation of Accountants for its rewritten independence code published at the end of 2001, and the European Commission for its Recommendation on Statutory Auditor Independence, published in May 2002. In addition, the IOSCO Statement of Principles of Auditor Independence, issued in October 2002, describes a framework of principles, threats and safeguards derived from this approach.

The Institute became one of the first professional bodies in Europe to adopt the detailed provisions of the EC Recommendation, where they differed from our existing guidance, with effect from 1 November 2002.

Appendix B

Extracts from auditor independence guidance, ICAEW

Required safeguards in respect of the provision of design and / or implementation services to audit clients in respect of financial information technology systems

The significance of the self-review threat is considered too high to permit an audit firm or one of its network* firms to provide such FITS services unless:

    (a) the audit client's management acknowledge in writing that they take responsibility for the overall system of internal control;

    (b) the auditor is satisfied that the audit client's management is not relying on the FITS work as the primary basis for determining the adequacy of its internal controls and financial reporting systems;

    (c) in the case of a FITS design project, the service provided involves design to specifications set by the audit client's management; and

    (d) the FITS services do not constitute a `turn key' project (i.e. a project that consists of software design, hardware configuration and the implementation of both), unless the audit client or its management explicitly confirms in the written acknowledgement required under (a) that they take responsibility for:

      (i) the design, implementation and evaluation process, including any decision thereon; and

      (ii) the operation of the system, including the data used or generated by the system.

      Required safeguards in respect of the provision of internal audit services to audit clients

To mitigate self-review threats when involved in an audit client's internal audit task the auditor should:

    (a) be satisfied that the audit client's management or Audit Committee (or equivalent) is at all times responsible for:

      (i) the overall system of internal control (i.e. the establishment and maintenance of internal controls, including the day to day controls and processes in relation to the authorisation, execution and recording of accounting transactions);

      (ii) determining the scope, risk and frequency of the internal audit procedures to be performed; and

      (iii) considering and acting on the findings and recommendations provided by internal audit or during the course of an audit.

    If the auditor is not satisfied that this is the case, the only adequate safeguard would be for the audit firm and any entity within its network* to refuse the audit client's internal audit engagement.

    (b) not accept the outcomes of internal auditing processes for statutory audit purposes without adequate review.

1 European Commission Recommendation "Statutory Auditors' Independence in the EU: A set of Fundamental Principles", May 2002.
2 Wording included in Appendix B.
3 Wording included in Appendix B.